US9992678B2 - Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media - Google Patents

Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media Download PDF

Info

Publication number
US9992678B2
US9992678B2 US15/114,138 US201415114138A US9992678B2 US 9992678 B2 US9992678 B2 US 9992678B2 US 201415114138 A US201415114138 A US 201415114138A US 9992678 B2 US9992678 B2 US 9992678B2
Authority
US
United States
Prior art keywords
mobile terminal
sim card
imei
card
initializing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
US15/114,138
Other languages
English (en)
Other versions
US20170013451A1 (en
Inventor
Haixiang MIAO
Ke Yang
Wei Li
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Assigned to ZTE CORPORATION reassignment ZTE CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LI, WEI, MIAO, Haixiang, YANG, KE
Publication of US20170013451A1 publication Critical patent/US20170013451A1/en
Application granted granted Critical
Publication of US9992678B2 publication Critical patent/US9992678B2/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04L61/6054
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/654International mobile subscriber identity [IMSI] numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present disclosure relates to the field of mobile communications, and in particular to a method and device for network/card locking of a mobile terminal, a terminal, a Subscriber Identity Module (SIM) card and a storage medium.
  • SIM Subscriber Identity Module
  • SIM Subscriber Identity Module
  • SIM/USIM cards are collectively, below, referred to as SIM cards in the present disclosure.
  • the network locking function may guarantee that a user is only served by a specific operator and ensure benefits of the operator.
  • a common network locking method includes: processing network locking parameters by a certain encryption method and then storing the network locking parameters in a non-volatile data area of a mobile terminal; every time the mobile terminal is started, reading network locking parameters from a SIM card and relevant information, and comparing the network locking parameters and the relevant information with the network locking parameters stored in the non-volatile data area; if they are matched, allowing the mobile terminal to further read International Mobile Subscriber Identification Number (IMSI) information about the SIM card, and initializing the SIM card; otherwise, prohibiting the mobile terminal from reading the IMSI information about the SIM card to terminate an initialization flow of the mobile terminal so as to realize network locking.
  • IMSI International Mobile Subscriber Identification Number
  • the traditional art has the defects that: many crack organizations can obtain and modify network locking parameters in a mobile terminal so as to crack this network locking method, thereby damaging benefits of operators.
  • the embodiments of the present disclosure provide a method and device for network/card locking of a mobile terminal, a terminal, a SIM card and a storage medium.
  • a method for card locking of a mobile terminal is provided, which may be applied to a SIM card and may include the steps as follows.
  • Encrypted data sent by a mobile terminal is received.
  • the authentication result is returned to the mobile terminal.
  • the method may further include the steps as follows.
  • a first International Mobile Equipment Identification Number (IMEI) sent by the mobile terminal is received.
  • IMEI International Mobile Equipment Identification Number
  • Both the random number and the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card are returned to the mobile terminal.
  • the step that it is judged, according to the first IMEI, whether the binding relationship exists between the mobile terminal and the SIM card and the judgment result is obtained may specifically include the steps as follows.
  • the determination result indicates that the first IMEI matches with the second IMEI
  • the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card is obtained.
  • the first IMEI is recorded to complete binding between the SIM card and the mobile terminal, and the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card is obtained.
  • the step that it is authenticated, according to the encrypted data, whether the mobile terminal is capable of initializing the SIM card and the authentication result is obtained may correspondingly include the steps as follows.
  • a random number is generated according to the first IMEI.
  • Encryption calculation is performed on the random number by a predetermined encryption algorithm and authenticated data is obtained.
  • a method for network locking of a mobile terminal is provided, which may be applied to a mobile terminal and may include the steps as follows.
  • Encrypted data used to authenticate whether the mobile terminal is capable of initializing a SIM card is sent to the SIM card.
  • the method may further include the steps as follows.
  • a first IMEI of the mobile terminal is sent to the SIM card, wherein the first IMEI is configured to judge whether a binding relationship exists between the mobile terminal and the SIM card.
  • a random number returned by the SIM card is received.
  • the step that the encrypted data used to authenticate whether the mobile terminal is capable of initializing the SIM card is sent to the SIM card may include the steps as follows.
  • encryption calculation is performed on the random number according to a preset encryption algorithm and the encrypted data is obtained.
  • the encrypted data is sent to the SIM card.
  • a device for card locking of a mobile terminal which may be applied to a SIM card and may include a first receiving unit, an authentication unit and a first return unit, wherein
  • the first receiving unit is configured to receive encrypted data sent by a mobile terminal
  • the authentication unit is configured to authenticate, according to the encrypted data, whether the mobile terminal is capable of initializing the SIM card, and obtain an authentication result;
  • the first return unit is configured to return the authentication result to the mobile terminal.
  • the device may further include a second receiving unit, a judgment unit, a generation unit and a second return unit, wherein
  • the second receiving unit is configured to receive a first IMEI sent by the mobile terminal
  • the judgment unit is configured to judge, according to the first IMEI, whether a binding relationship exists between the mobile terminal and the SIM card, and obtain a judgment result;
  • the generation unit is configured to generate a random number according to the first IMEI
  • the second return unit is configured to return to the mobile terminal both the judgment result, indicating that the binding relationship exists between the mobile terminal and the SIM card, and the random number.
  • the judgment unit may be specifically configured to:
  • the authentication unit may include a first encryption module and a comparison module, wherein
  • the first encryption module is configured to perform encryption calculation on the random number according to a predetermined encryption algorithm and obtain authenticated data
  • the comparison module is configured to compare whether the encrypted data matches with the authenticated data and obtain the authentication result.
  • a device for network locking of a mobile terminal which may be applied to a mobile terminal and may include a first sending unit, a third receiving unit and a prohibition unit, wherein
  • the first sending unit is configured to send encrypted data used to authenticate whether the mobile terminal is capable of initializing a SIM card to the SIM card;
  • the third receiving unit is configured to receive an authentication result, which is returned by the SIM card and indicates whether the mobile terminal is capable of initializing the SIM card;
  • the prohibition unit is configured to prohibit, when the authentication result indicates that the SIM card cannot be initialized, initialization of the SIM card.
  • the device may further include a second sending unit and a fourth receiving unit, wherein
  • the second sending unit is configured to send a first IMEI of the mobile terminal to the SIM card, the first IMEI being used to judge whether a binding relationship exists between the mobile terminal and the SIM card;
  • the fourth receiving unit is configured to receive a random number returned by the SIM card.
  • the first sending unit may include a determination module, a second encryption module and a sending module, wherein
  • the determination module is configured to determine whether a length of the random number matches with a preset length, and obtain a determination result
  • the second encryption module is configured to perform, when the determination result indicates that the length of the random number matches with the preset length, encryption calculation on the random number according to a preset encryption algorithm and obtain the encrypted data;
  • the sending module is configured to send the encrypted data to the SIM card, the encrypted data being used to authenticate whether the mobile terminal is capable of initializing the SIM card.
  • a SIM card which may include: a SIM card file system and a card locking device, wherein
  • the SIM card file system is configured to initialize information of the SIM card
  • the card locking device includes a first receiving unit, an authentication unit and a first return unit,
  • the first receiving unit being configured to receive encrypted data from a mobile terminal
  • the authentication unit being configured to authenticate, according to the encrypted data, whether the mobile terminal is capable of initializing the SIM card, and obtain an authentication result, and
  • the first return unit being configured to return the authentication result to the mobile terminal.
  • a mobile terminal which may include: a SIM card initialization system and a network locking device, wherein
  • the SIM card initialization system is configured to read, from a SIM card file system, information for initializing a SIM card, and initialize the SIM card;
  • the network locking device includes a first sending unit, a third receiving unit and a prohibition unit,
  • the first sending unit being configured to send encrypted data used to authenticate whether the mobile terminal is capable of initializing a SIM card to the SIM card
  • the third receiving unit being configured to receive an authentication result which is returned by the SIM card and indicates whether the mobile terminal is capable of initializing the SIM card, and
  • the prohibition unit being configured to, when the authentication result indicates that the SIM card cannot be initialized, prohibit the SIM card initialization system from reading the information for initializing the SIM card from the SIM card file system, and initialize the SIM card.
  • a computer storage medium is also provided.
  • Computer executable instructions may be stored in the computer storage medium and may be configured to execute the method for card locking of a mobile terminal and/or the method for network locking of a mobile terminal, as described above.
  • encrypted data is sent to a SIM card by a mobile terminal, it is authenticated whether the mobile terminal can initialize the SIM card; when an authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from initializing the SIM card, so that a network communication module of the mobile terminal cannot be used normally, thereby achieving network locking; and in addition, additionally-stored network locking parameters may be not used in a process of judging whether to perform network locking on the mobile terminal, thereby avoiding the situation that network locking of the mobile terminal can be cracked by modifying the network locking parameters, improving the security of network locking of the mobile terminal, and protecting benefits of operators.
  • FIG. 1-1 is a flow diagram 1 of a method for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 1-2 is a flow diagram 2 of a method for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 1-3 is a flow diagram of Step 101 in a method for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 2-1 is a flow diagram 1 of a method for network locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 2-2 is a flow diagram 2 of a method for network locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 3-1 is a simple flow diagram of a network/card locking method for a mobile terminal according to an embodiment of the present disclosure
  • FIG. 3-2 is a detailed flow diagram of a network/card locking method for a mobile terminal according to an embodiment of the present disclosure
  • FIG. 4-1 is a schematic diagram 1 of the composition structure of a device for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 4-2 is a schematic diagram 2 of the composition structure of a device for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 4-3 is a schematic diagram of the composition structure of an authentication unit in a device for card locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 5-1 is a schematic diagram 1 of the composition structure of a device for network locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 5-2 is a schematic diagram 2 of the composition structure of a device for network locking of a mobile terminal according to an embodiment of the present disclosure
  • FIG. 6-1 is a schematic diagram 1 of the composition structure of a SIM card according to an embodiment of the present disclosure
  • FIG. 6-2 is a schematic diagram 2 of the composition structure of a SIM card according to an embodiment of the present disclosure.
  • FIG. 7-1 is a schematic diagram 1 of the composition structure of a mobile terminal according to an embodiment of the present disclosure.
  • FIG. 7-2 is a schematic diagram 2 of the composition structure of a mobile terminal according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic diagram of the composition structure of a network/card locking device for a mobile terminal according to an embodiment of the present disclosure.
  • FIG. 1-1 illustrates a flow of a method for card locking of a mobile terminal according to an embodiment of the present disclosure.
  • the method is applied to a SIM card, and includes the steps as follows.
  • Step 100 Encrypted data sent by a mobile terminal is received.
  • Step 101 It is authenticated, according to the encrypted data, whether the mobile terminal is capable of initializing the SIM card, and an authentication result is obtained.
  • the authentication result is used to indicate whether the mobile terminal can initialize the SIM card.
  • Step 102 The authentication result indicating whether the mobile terminal is capable of initializing the SIM card is returned to the mobile terminal.
  • the mobile terminal is prohibited from initializing the SIM card.
  • the mobile terminal when the authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from initializing the SIM card, so that a network communication module of the mobile terminal cannot be normally used, thereby realize network locking.
  • data will be encrypted each time before the SIM card authenticates the mobile terminal, when authentication of the mobile terminal is obviously not passed (for example, the mobile terminal is completely unmatched with the SIM card), a network locking operation cannot be directly executed for the reason that it is determined that any one of the SIM card or the mobile terminal does not match with an appointment of an operator, therefore, data have to be encrypted continuously to form encrypted data, the encrypted data is then compared with authenticated data in the SIM card, and a conclusion about whether to lock network can be obtained only after the comparison is completed, thereby increasing the processing flow of network locking.
  • the method further includes the steps as follows.
  • Step 103 A first IMEI sent by the mobile terminal is received.
  • Step 104 It is judged, according to the first IMEI, whether a binding relationship exists between the mobile terminal and the SIM card, a judgment result is obtained, and a random number is generated according to the first IMEI.
  • the judgment result is used to indicate that the binding relationship exists between the mobile terminal and the SIM card.
  • Step 105 Both the random number and the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card are returned to the mobile terminal.
  • the SIM card before the SIM card encrypts the data, it is judged whether the binding relationship exists between the mobile terminal and the SIM card according to the received first IMEI; and when the binding relationship does not exist between the mobile terminal and the SIM card, the mobile terminal may not be authenticated, and the network locking operation on the mobile terminal is directly executed, thereby simplifying the processing flow of network locking.
  • the step that it is judged, according to the first IMEI, whether the binding relationship exists between the mobile terminal and the SIM card and the judgment result is obtained specifically includes the steps as follows.
  • a second IMEI is pre-stored in the SIM card, it is judged whether the received first IMEI matches with the second IMEI.
  • the SIM card determines that the mobile terminal is illegal, and returns a status value indicative of error to the mobile terminal.
  • the SIM card stores the first IMEI as a mark indicative the binding with the mobile terminal so as to complete the binding between the SIM card and the mobile terminal, and the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card is obtained.
  • Step 101 specifically includes the steps as follows.
  • Step 111 Encryption calculation is performed on a random number by a predetermined encryption algorithm and authenticated data is obtained.
  • the random number is generated according to the first IMEI.
  • Step 112 It is compared whether the encrypted data matches with the authenticated data and an authentication result is obtained.
  • the encrypted data is authenticated, therefore, even if the data is externally monitored in the authentication process, data adopted in the authentication cannot be leaked, thereby ensuring the effect of the method for card locking of a mobile terminal.
  • a method for network locking of a mobile terminal is also proposed, which includes the steps as follows.
  • Step 200 Encrypted data used to authenticate whether the mobile terminal can initialize a SIM card is sent to the SIM card.
  • Step 201 An authentication result, which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card, is received.
  • Step 202 When the authentication result indicates that the SIM card cannot be initialized, initialization of the SIM card is prohibited.
  • the mobile terminal is prohibited from initializing the SIM card.
  • the mobile terminal also sends a first IMEI to the SIM card, such that the SIM card judges whether a binding relationship exists between the mobile terminal and the SIM card.
  • the card locking method at the mobile terminal side includes the steps as follows.
  • Step 203 The first IMEI of the mobile terminal is sent to the SIM card.
  • the first IMEI may be carried in a CHALLENGE command, and the first IMEI is used to judge whether the binding relationship exists between the mobile terminal and the SIM card.
  • Step 204 Both a random number and a judgment result, which is returned by the SIM card and indicates that the binding relationship exists between the mobile terminal and the SIM card are received.
  • the random number is generated by the SIM card according to the first IMEI.
  • the random number is encrypted by the mobile terminal before authentication, and when the received random number has an obvious problem, a network locking operation cannot be directly executed for the reason that it is determined that any one of the SIM card or the mobile terminal does not match with an appointment of an operator, instead, the random number has to be encrypted again to form encrypted data, the encrypted data is then sent to the SIM card and compared with authenticated data in the SIM card, and after the comparison is completed, a conclusion about whether to lock network can be obtained, thereby increasing the processing flow of network locking.
  • Step 205 It is determined whether the length of the random number matches with a preset length, and a determination result is obtained.
  • Step 206 If the determination result indicates that the length of the random number matches with the preset length, encryption calculation is performed on the random number according to a preset encryption algorithm, and the encrypted data is obtained.
  • Step 207 The encrypted data is sent to the SIM card.
  • Step 205 to Step 207 are steps specifically included by Step 200 .
  • the encrypted data is used to authenticate whether the mobile terminal initialize the SIM card.
  • Step 201 An authentication result, which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card, is received.
  • Step 202 When the authentication result indicates that the SIM card cannot be initialized, initialization of the SIM card is prohibited.
  • a mobile terminal network/card locking method is further described below according to an embodiment.
  • the network/card locking method for a mobile terminal is to add authentication protection to an IMSI file inside an SIM card, and a software terminal and the SIM card appoint a specific envelope command, defined by two non-3GPP standard protocols, for authentication.
  • An IMSI authentication flow is added in a SIM card initialization process of a mobile terminal. Specifically, during the initialization stage of the SIM card, before IMSI information is read, the mobile terminal issues a first envelop command (named CHALLENGE in order to facilitate expression), wherein, according to the command, a device IMEI, as a parameter, is issued to the SIM card, and if the SIM card does not record IMEI information previously, the IMEI will be recorded as an IMEI of a bound terminal.
  • a first envelop command named CHALLENGE in order to facilitate expression
  • the SIM card will determine whether the IMEI issued by the CHALLENGE command is identical to an IMEI stored in the SIM card, and if identical, the SIM card regards the terminal as a legal terminal and returns to the mobile terminal data which is obtained by encrypting the IMEI and serves as response data of the CHALLENGE command.
  • the mobile terminal After receiving return data of the CHALLENGE command from the SIM card, the mobile terminal performs certain encryption processing to generate a parameter of a second envelop command (named AUTHENTICATE in order to facilitate expression) and issues the parameter to the SIM card, the SIM card performs legality judgment on the issued parameter internally; if it is determined that the parameter is legal, the mobile terminal is allowed to further read the IMSI information about the SIM card, otherwise, the mobile terminal is prohibited from reading an IMSI of the SIM card.
  • the IMSI is a file which must be read in the SIM card initialization process, once the IMSI cannot be read, an initialization flow of a mobile device will be ended, thereby realizing network locking.
  • SIM is an abbreviation of Subscriber Identity Module, and represents a subscriber identity module. It is, actually, a smart card internally containing a large-scale integrated circuit and configured to register data and information of subscriber identities.
  • STK SIM TOOL KIT
  • SIM TOOL KIT Subscriber Identity Module Application Toolkit
  • a small programming language allows a SIM based on a smart card to run the application software of the SIM.
  • An envelope command is a command sent to an SIM card by a mobile terminal in an STK function.
  • FIG. 3-1 shows a simple flow diagram of a network/card locking method for a mobile terminal. The method includes the steps as follows.
  • Step S 321 A mobile terminal issues a first envelope command (CHALLENGE) to command to issue a device IMEI as a parameter to a SIM card.
  • CHALLENGE first envelope command
  • Step S 321 is carried out at the initialization stage of a SIM card before IMSI information is read.
  • Step S 322 After receiving the CHALLENGE command, the SIM card determine whether IMEI information is recorded previously; if not recorded, an IMEI is recorded as an IMEI of a bound terminal; if having stored the IMEI information, the SIM card determines whether the IMEI issued by the CHALLENGE command is identical to an IMEI stored by the SIM card; if the IMEI issued by the CHALLENGE command is different from the IMEI stored by the SIM card, the SIM card regards the terminal as an illegal terminal and returns an error status; if the IMEI issued by the CHALLENGE command is identical to the IMEI stored by the SIM card, the SIM card regards the terminal as a legal bound terminal, returns data, obtained by encrypting the IMEI, to the mobile terminal as response data of the CHALLENGE command, and returns a status value indicative of success.
  • Step S 323 After receiving the data returned by the SIM card, the mobile terminal performs judgment; if the returned status value or a data length does not conform to an appointment, it is determined that the SIM card is an illegal card, and the initialization of the SIM card is terminated; and if the status value and the data are legal, a parameter of an AUTHENTICATE command generated by performing certain encryption processing on the returned data is issued to the SIM card.
  • Step S 324 The SIM card performs legality judgment on the issued parameter of the AUTHENTICATE command internally; if it is determined that the parameter is legal, the mobile terminal is allowed to further read the IMSI information of the SIM card, and otherwise, the mobile terminal is prohibited from reading an IMSI of the SIM card.
  • envelope command authentication protection may be added to an IMSI file inside the SIM card of an operator, that is, only after the mobile terminal and the SIM card perform legal envelope command interaction, a file system of the SIM card can be normally accessed. Otherwise, when any mobile terminal issues a command to read an IMSI, the SIM card will return a status value indicative of error, and the SIM card cannot be normally used.
  • the mobile terminal may modify a code at the initialization stage of the SIM card, and before important parameters such as the IMSI are read for the first time, an operation of envelope command authentication on the SIM card is added. Only when the authentication is passed, the subsequent initialization of the SIM card is allowed. As a legal returned result and a command detail for envelope command authentication are appointed with the operator and there is no definition in a 3GPP protocol, SIM cards of other operators cannot make a response, conforming to an appointment, to an envelope authentication command issued by the mobile terminal. The mobile terminal may determine the SIM card as an illegal card accordingly, so as to terminate the initialization of the SIM card. As all other modules such as a network finder of the mobile terminal depend on the accomplishment of initialization of the SIM card, once the initialization of the SIM card is ended, all other modules cannot be normally used, thereby achieving network locking.
  • FIG. 3-2 shows a detailed flow of a network/card locking method for a mobile terminal.
  • the method includes the steps as follows.
  • Step 301 A mobile terminal issues a CHALLENGE command to a SIM card, and takes an IMEI as a parameter thereof.
  • Step 302 An internal program of the SIM card determines whether IMEI information is recorded therein; if the SIM card has not stored the IMEI information previously, Step 303 is executed, and if the SIM card has stored the IMEI information previously, Step 304 is executed.
  • Step 303 The SIM card stores the received IMEI as a mark indicative of device binding, and then Step 305 is executed.
  • Step 304 It is determined whether the IMEI received from the CHALLENGE command is identical to an IMEI stored by the SIM card; if identical, Step 305 is executed, and otherwise, Step 306 is executed.
  • Step 305 The SIM card returns a series of random numbers having appointed lengths generated according to the IMEI to the mobile terminal as response data of the CHALLENGE command, and returns a status value 90 00 indicative of success.
  • Step 306 The SIM card determines that the mobile terminal is illegal, and returns a status value indicative of error.
  • Step 307 The mobile terminal determines whether the returned status value is success; if the returned status value is success, Step 308 is executed, and otherwise, Step 314 is executed.
  • Step 308 It is determined whether a returned data length conforms to an appointment; if conforming, Step 309 is executed, and otherwise, Step 314 is executed.
  • Step 309 Appointed encryption processing is performed on the returned data, and a result, serving as a parameter of an AUTHENTICATE command, is issued to the SIM card.
  • Step 310 After receiving the AUTHENTICATE command, the SIM card compares the received AUTHENTICATE command with its own calculation result and determines whether the received data is legal; if legal, Step 311 is executed, and otherwise, Step 312 is executed.
  • Step 311 The SIM card determines that the mobile terminal is legal, and returns a status value indicative of success, and Step 313 is executed.
  • Step 312 The SIM card determines that the mobile terminal is illegal, and returns a status value indicative of error, and Step 313 is executed.
  • Step 313 After receiving the status value returned by the SIM card, the mobile terminal determines whether the status value is success; if the returned status value is success, Step 315 is executed, and otherwise, Step 314 is executed.
  • Step 314 The mobile terminal determines that the SIM card is an illegal card, and stops the initialization flow of the SIM card.
  • Step 315 The mobile terminal determines that the SIM card is a legal card, reads information such as the IMSI of the SIM card, and executes the subsequent initialization of the SIM card.
  • the network/card locking method for a mobile terminal according to the encrypted data sent to a SIM card by the mobile terminal, it is authenticated whether the mobile terminal can initialize the SIM card; when an authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from initializing the SIM card, so that a network communication module of the mobile terminal cannot be normally used, thereby realizing network locking; and in addition, additionally-stored network locking parameters may be not used in a process of judging whether to perform network locking on the mobile terminal, thereby avoiding the situation that network locking of the mobile terminal may be cracked by modifying the network locking parameters, improving the security of network locking of the mobile terminal, and protecting benefits of operators.
  • FIG. 4-1 shows a diagram of composition structure of an embodiment of a device for card locking of a mobile terminal.
  • the device is applied to a SIM card, and includes a first receiving unit 401 , an authentication unit 402 and a first return unit 403 , wherein
  • the first receiving unit 401 is configured to receive encrypted data sent by a mobile terminal
  • the authentication unit 402 is configured to authenticate, according to the encrypted data, whether the mobile terminal can initialize the SIM card and obtain an authentication result;
  • the first return unit 403 is configured to return the authentication result, indicating whether the mobile terminal can initialize the SIM card, to the mobile terminal.
  • the mobile terminal is prohibited from initializing the SIM card.
  • the device further includes a second receiving unit 404 , a judgment unit 405 , a generation unit 406 and a second return unit 407 , wherein
  • the second receiving unit 404 is configured to receive a first IMEI sent by the mobile terminal
  • the judgment unit 405 is configured to judge, according to the first IMEI, whether a binding relationship exists between the mobile terminal and the SIM card, and obtain a judgment result;
  • the generation unit 406 is configured to generate a random number according to the first IMEI.
  • the second return unit 407 is configured to return to the mobile terminal both the random number and the judgment result indicating that the binding relationship exists between the mobile terminal and the SIM card.
  • the random number is generated by the SIM card according to the first IMEI.
  • judgment unit is specifically configured to:
  • the authentication unit 402 includes a first encryption module 421 and a comparison module 422 , wherein
  • the first encryption module 421 is configured to perform encryption calculation on the random number according to a predetermined encryption algorithm, and obtain authenticated data
  • the comparison module 422 is configured to compare whether the encrypted data matches with the authenticated data, and obtain the authentication result.
  • the authentication result displays that the authenticated data does not match with the encrypted data
  • the authentication result indicates that the mobile terminal cannot initialize the SIM card is obtained.
  • Functions and a processing flow of the device for card locking of a mobile terminal provided in this embodiment may refer to the flow of the embodiment for the method for card locking of a mobile terminal provided above, which will not be elaborated herein.
  • FIG. 5-1 shows a schematic diagram of the composition structure of an embodiment for a device for network locking of a mobile terminal.
  • the device 500 for network locking of a mobile terminal is applied to a mobile terminal, and includes a first sending unit 501 , a third receiving unit 502 and a prohibition unit 503 , wherein
  • the first sending unit 501 is configured to send encrypted data used to authenticate whether the mobile terminal can initialize a SIM card to the SIM card;
  • the third receiving unit 502 is configured to receive an authentication result which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card;
  • the prohibition unit 503 is configured to prohibit initialization of the SIM card when the authentication result indicates that the SIM card cannot be initialized.
  • the mobile terminal also sends a first IMEI to the SIM card, such that the SIM card judges whether a binding relationship exists between the mobile terminal and the SIM card.
  • the device 500 for network locking of a mobile terminal includes a second sending unit 504 , a fourth receiving unit 505 , a first sending unit 501 , a third receiving unit 502 and a prohibition unit 503 , wherein
  • the second sending unit 504 is configured to send the first IMEI of the mobile terminal to the SIM card, the first IMEI being used to judge whether a binding relationship exists between the mobile terminal and the SIM card;
  • the fourth receiving unit 505 is configured to receive, from the SIM card, a random number and a judgment result which indicates that the binding relationship exists between the mobile terminal and the SIM card, the random number being generated by the SIM card according to the first IMEI.
  • the first sending unit 501 includes a determination module 511 , a second encryption module 512 and a sending module 513 , wherein
  • the determination module 511 is configured to determine whether the length of the random number matches with a preset length, and obtain a determination result
  • the second encryption module 512 is configured to perform, when the determination result indicates that the length of the random number matches with the preset length, encryption calculation on the random number according to a preset encryption algorithm and obtain the encrypted data;
  • the sending module 513 is configured to send the encrypted data to the SIM card, the encrypted data being used to authenticate whether the mobile terminal can initialize the SIM card.
  • the third receiving unit 502 is configured to receive an authentication result which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card.
  • the prohibition unit 503 is configured to prohibit initialization of the SIM card when the authentication result indicates that the SIM card cannot be initialized.
  • Functions and a processing flow of the device for network locking of a mobile terminal provided in this embodiment may refer to the flow of the embodiment for the method for network locking of a mobile terminal provided above, which will not be elaborated herein.
  • the SIM card 600 includes: a SIM card file system 601 and a device for card locking of a mobile terminal (a card locking device for short) 602 , wherein
  • the SIM card file system 601 is configured to initialize information of the SIM card
  • the card locking device 602 is configured to: receive encrypted data from a mobile terminal; authenticate, according to the encrypted data, whether the mobile terminal can initialize the SIM card, and obtain an authentication result; and return to the mobile terminal the authentication result indicating whether the mobile terminal can initialize the SIM card, wherein if the authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from reading, from the SIM card file system, information for initializing the SIM card.
  • the SIM card file system includes IMSI information.
  • the card locking device 602 includes a first receiving unit 621 , an authentication unit 622 and a first return unit 623 , wherein
  • the first receiving unit 621 is configured to receive encrypted data from a mobile terminal
  • the authentication unit 622 is configured to authenticate, according to the encrypted data, whether the mobile terminal can initialize the SIM card, and obtain an authentication result;
  • the first return unit 623 is configured to return the authentication result, indicating whether the mobile terminal can initialize the SIM card, to the mobile terminal.
  • the mobile terminal is prohibited from reading, from the SIM card file system, information for initializing the SIM card.
  • Functions and a processing flow of the SIM card provided in this embodiment may refer to the flow of the embodiment for the method for card locking of a mobile terminal provided above, which will not be elaborated herein.
  • the mobile terminal 700 includes: a SIM card initialization system 701 and a device for network locking of a mobile terminal (a network locking device for short) 702 , wherein
  • the SIM card initialization system 701 is configured to read, from a SIM card file system, information for initializing a SIM card, and initialize the SIM card;
  • the network locking device 702 is configured to: send encrypted data used to authenticate whether the mobile terminal can initialize a SIM card to the SIM card; and receive an authentication result which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card, wherein when the authentication result indicates that the mobile terminal cannot initialize the SIM card, the SIM card initialization system is prohibited from reading information for initializing the SIM card from the SIM card file system, and the SIM card is initialized.
  • the network locking device 702 includes a first sending unit 721 , a third receiving unit 722 and a prohibition unit 723 , wherein
  • the first sending unit 721 is configured to send, to the SIM card, encrypted data used to authenticate whether the mobile terminal can initialize a SIM card;
  • the third receiving unit 722 is configured to receive an authentication result which is returned by the SIM card and indicates whether the mobile terminal can initialize the SIM card;
  • the prohibition unit 723 is configured to prohibit, when the authentication result indicates that the SIM card cannot be initialized, the SIM card initialization system from reading information for initializing the SIM card from the SIM card file system, and initialize the SIM card.
  • Functions and a processing flow of the mobile terminal provided in this embodiment may refer to the flow of the embodiment for the method for network locking of a mobile terminal provided above, which will not be elaborated herein.
  • a network/card locking device for a mobile terminal is further described below in an embodiment.
  • the network/card locking device for a mobile terminal in this embodiment includes a SIM card initialization apparatus 810 and a SIM card 820 located in a mobile terminal 800 .
  • the SIM card initialization apparatus 810 includes a PIN code check module 811 , a mobile terminal envelope command authentication module 812 and a SIM card file reading initialization module 813 , wherein
  • the PIN code check module 811 is configured to check, when a PIN code of the SIM card is enabled, the PIN code, and after checking of the PIN code is passed, the mobile terminal envelope command authentication module 812 executes subsequent operations;
  • the mobile terminal envelope command authentication module 812 is configured to issue an envelope command to execute an authentication operation, and parse and judge a return result from the SIM card;
  • the SIM card file reading initialization module 813 is configured to initialize the SIM card, read parameters, such as an IMSI, needed for running of a mobile device from a SIM card file system, and the SIM card file reading initialization module 813 is allowed to execute the operation only after the mobile terminal envelope command authentication module 812 determines that the SIM card is legal.
  • the SIM card 820 includes an envelope command authentication processing module 821 and a SIM card file system 822 , wherein
  • the envelope command authentication processing module 821 is in charge of giving a response to the envelope command issued by the mobile terminal.
  • the SIM card file system 822 is protected by the envelope command authentication processing module 821 , and an access to IMSI information in the file system is allowed only when the envelope command authentication processing module 821 determines that the mobile terminal is legal.
  • the network/card locking device for a mobile terminal, the mobile terminal and the SIM card provided in the embodiments of the present disclosure, it is authenticated whether the mobile terminal can initialize the SIM card according to encrypted data sent to the SIM card by the mobile terminal; when an authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from initializing the SIM card, so that a network communication module of the mobile terminal cannot be normally used, thereby achieving network locking; and in addition, additionally-stored network locking parameters may be not used in a process of judging whether to perform network locking on the mobile terminal, thereby avoiding the situation that network locking of the mobile terminal may be cracked by modifying the network locking parameters, improving the security of network locking of the mobile terminal, and protecting benefits of operators.
  • the first receiving unit, the authentication unit, the first return unit, the second receiving unit, the judgment unit, the generation unit and the second return unit in the device for card locking of a mobile terminal provided by the embodiment of the present disclosure as well as the first encryption module and the comparison module in the authentication unit may be implemented by a processor in the SIM card.
  • the first sending unit, the third receiving unit, the prohibition unit, the second sending unit and the fourth receiving unit in the device for network locking of a mobile terminal provided by the embodiment of the present disclosure may be implemented by the processor in the SIM card.
  • the processor mentioned above may be implemented by a specific logical circuit.
  • the processor may be a Central Processing Unit (CPU), a Micro Processing Unit (MPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA) or the like.
  • the product may also be stored in a computer readable storage medium.
  • the technical solutions of the embodiments of the present disclosure may be substantially embodied in a form of a software product, or parts contributing to the traditional art may be embodied in a form of a software product, and the computer software product is stored in a storage medium, including a plurality of instructions enabling a computer device which may be a personal computer, a server or a network device to execute all or some of the methods according to each embodiment of the present disclosure.
  • the storage medium includes various media capable of storing program codes, such as a U disk, a mobile hard disk, a Read Only Memory (ROM), a magnetic disk or an optical disc.
  • program codes such as a U disk, a mobile hard disk, a Read Only Memory (ROM), a magnetic disk or an optical disc.
  • a computer storage medium is also provided.
  • Computer executable instructions are stored in the computer storage medium and are configured to execute the method for card locking of a mobile terminal and/or the method for network locking of a mobile terminal, provided in each embodiment of the present disclosure.
  • each of the above embodiments is merely intended to illustrate the technical solutions of the present disclosure but does not limit the technical solutions; although the present disclosure is illustrated in detail with reference to each of the above embodiments, those skilled in the art shall understand that they can still modify the technical solutions recorded by each of the above embodiments or can equivalently replace some or all of the technical features; and these modifications or replacements do not make the essences of corresponding technical solutions depart from the scope of the technical solutions in each embodiment of the present disclosure.
  • the mobile terminal it is authenticated whether the mobile terminal can initialize the SIM card according to encrypted data sent to a SIM card by a mobile terminal; when an authentication result indicates that the mobile terminal cannot initialize the SIM card, the mobile terminal is prohibited from initializing the SIM card, so that a network communication module of the mobile terminal cannot be normally used, thereby achieving network locking; and in addition, additionally-stored network locking parameters may be not used in a process of judging whether to perform network locking on the mobile terminal, thereby avoiding the situation that network locking of the mobile terminal may be cracked by modifying the network locking parameters, improving the security of network locking of the mobile terminal, and protecting benefits of operators.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)
US15/114,138 2014-01-26 2014-05-15 Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media Active US9992678B2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201410038404.XA CN104811926A (zh) 2014-01-26 2014-01-26 移动终端锁网锁卡的方法、装置及移动终端、sim卡
CN201410038404 2014-01-26
CN201410038404.X 2014-01-26
PCT/CN2014/077596 WO2015109692A1 (zh) 2014-01-26 2014-05-15 移动终端锁网锁卡方法及装置、终端、sim卡、存储介质

Publications (2)

Publication Number Publication Date
US20170013451A1 US20170013451A1 (en) 2017-01-12
US9992678B2 true US9992678B2 (en) 2018-06-05

Family

ID=53680724

Family Applications (1)

Application Number Title Priority Date Filing Date
US15/114,138 Active US9992678B2 (en) 2014-01-26 2014-05-15 Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media

Country Status (4)

Country Link
US (1) US9992678B2 (zh)
EP (1) EP3099090B1 (zh)
CN (1) CN104811926A (zh)
WO (1) WO2015109692A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190246283A1 (en) * 2016-10-25 2019-08-08 Shenzhen Jia Ren Xun Information Technology Co., Ltd. Method for preventing network locking information of terminal device from being cracked

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11736468B2 (en) * 2015-03-16 2023-08-22 Assa Abloy Ab Enhanced authorization
CN106507333A (zh) * 2015-09-07 2017-03-15 中兴通讯股份有限公司 一种机卡互锁方法及装置
CN105657696A (zh) * 2015-12-22 2016-06-08 深圳市润雨投资有限公司 一种脱离sim卡的手机通信方法及系统
US10091007B2 (en) * 2016-04-04 2018-10-02 Mastercard International Incorporated Systems and methods for device to device authentication
CN105898828B (zh) * 2016-06-07 2019-07-26 青岛海信移动通信技术股份有限公司 网络搜索方法和装置
CN107635218B (zh) * 2017-07-20 2020-08-21 捷开通讯(深圳)有限公司 一种simlock密码的生成、注入方法及装置
US10333710B2 (en) * 2017-09-12 2019-06-25 Qed-It Systems Ltd. Method and system for determining desired size of private randomness using Tsallis entropy
CN109756884B (zh) * 2017-11-07 2021-06-22 中国电信股份有限公司 通信卡与终端批量配置的方法、装置和系统
WO2019142142A1 (en) 2018-01-19 2019-07-25 Qed-It Systems Ltd. Proof chaining and decomposition
US10911945B1 (en) * 2018-11-19 2021-02-02 Sprint Spectrum L.P. Automated eUICC service profile configuration in view of operational issue with respect to eUICC service profile
CN111880901B (zh) * 2020-07-29 2023-03-31 北京浪潮数据技术有限公司 一种网络配置方法、装置、设备及可读存储介质
CN112004222B (zh) * 2020-08-25 2022-08-23 中国联合网络通信集团有限公司 Usat应用匹配管理方法、终端、usim及系统
CN112839325A (zh) * 2020-12-29 2021-05-25 北京握奇智能科技有限公司 一种卡端应用实现机卡绑定的方法
CN114980071B (zh) * 2022-06-23 2023-06-23 中国联合网络通信集团有限公司 终端升级方法、装置及存储介质

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040043792A1 (en) * 2002-08-28 2004-03-04 Nokia Corporation Identity module for terminal equipment using prepaid applications
WO2006036521A1 (en) 2004-09-08 2006-04-06 Qualcomm Incorporated Bootstrapping authentication using distinguished random challenges
US20070178885A1 (en) 2005-11-28 2007-08-02 Starhome Gmbh Two-phase SIM authentication
CN101072403A (zh) 2007-06-12 2007-11-14 中兴通讯股份有限公司 一种实现sim/usim卡锁定到专门终端上的方法
US20080113687A1 (en) * 2006-11-10 2008-05-15 Prendergast Liam N Methods and systems for managing and/or tracking use of subscriber identity module components
CN101141718B (zh) 2006-09-04 2010-12-01 中兴通讯股份有限公司 一种移动终端锁卡方法
CN102056148A (zh) 2009-11-02 2011-05-11 中兴通讯股份有限公司 锁网移动终端的反破解方法和装置、及锁网移动终端
CN102088692A (zh) 2011-01-14 2011-06-08 华为终端有限公司 锁卡的方法和设备
US20120282891A1 (en) 2005-04-29 2012-11-08 Jahangir Mohammed Global platform for managing subscriber identity modules
CN103200562A (zh) 2012-01-10 2013-07-10 国民技术股份有限公司 通信终端锁定方法及通信终端
CN103415010A (zh) 2013-07-18 2013-11-27 中国联合网络通信集团有限公司 D2d网络鉴权方法及系统
US20140040991A1 (en) * 2011-01-05 2014-02-06 Gelmalto Sa Method for communicating between a server and a client and corresponding client, server and system
US20150249918A1 (en) * 2014-02-28 2015-09-03 Alibaba Group Holding Limited Establishing communication between devices

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101583126B (zh) * 2009-06-04 2013-11-06 中兴通讯股份有限公司 锁卡方法、客户识别模块卡以及移动终端
CN102131182B (zh) * 2011-03-14 2015-06-03 中兴通讯股份有限公司 一种移动终端锁网的方法和装置

Patent Citations (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040043792A1 (en) * 2002-08-28 2004-03-04 Nokia Corporation Identity module for terminal equipment using prepaid applications
WO2006036521A1 (en) 2004-09-08 2006-04-06 Qualcomm Incorporated Bootstrapping authentication using distinguished random challenges
US20060120531A1 (en) 2004-09-08 2006-06-08 Qualcomm Incorporated Bootstrapping authentication using distinguished random challenges
US20140242951A1 (en) 2005-04-29 2014-08-28 Jasper Wireless, Inc. Global platform for managing subscriber identity modules
US20150024708A1 (en) 2005-04-29 2015-01-22 Jasper Technologies, Inc. Global platform for managing subscriber identity modules
US20160050555A1 (en) 2005-04-29 2016-02-18 Jasper Technologies, Inc. Global platform for managing subscriber identity modules
US20150163661A1 (en) 2005-04-29 2015-06-11 Jasper Technologies, Inc. Global platform for managing subscriber identity modules
US20130273911A1 (en) 2005-04-29 2013-10-17 Jasper Wireless, Inc. Global platform for managing subscriber identity modules
US20120282891A1 (en) 2005-04-29 2012-11-08 Jahangir Mohammed Global platform for managing subscriber identity modules
US20070178885A1 (en) 2005-11-28 2007-08-02 Starhome Gmbh Two-phase SIM authentication
CN101141718B (zh) 2006-09-04 2010-12-01 中兴通讯股份有限公司 一种移动终端锁卡方法
US20080113687A1 (en) * 2006-11-10 2008-05-15 Prendergast Liam N Methods and systems for managing and/or tracking use of subscriber identity module components
CN101072403A (zh) 2007-06-12 2007-11-14 中兴通讯股份有限公司 一种实现sim/usim卡锁定到专门终端上的方法
US20120220269A1 (en) 2009-11-02 2012-08-30 Zte Corporation Anti-crack method and device for network-locked mobile terminal, and network-locked mobile terminal
CN102056148A (zh) 2009-11-02 2011-05-11 中兴通讯股份有限公司 锁网移动终端的反破解方法和装置、及锁网移动终端
US20140040991A1 (en) * 2011-01-05 2014-02-06 Gelmalto Sa Method for communicating between a server and a client and corresponding client, server and system
CN102088692A (zh) 2011-01-14 2011-06-08 华为终端有限公司 锁卡的方法和设备
CN103200562A (zh) 2012-01-10 2013-07-10 国民技术股份有限公司 通信终端锁定方法及通信终端
CN103415010A (zh) 2013-07-18 2013-11-27 中国联合网络通信集团有限公司 D2d网络鉴权方法及系统
US20150249918A1 (en) * 2014-02-28 2015-09-03 Alibaba Group Holding Limited Establishing communication between devices

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
English Translation of the Written Opinion of the International Search Authority in international application No. PCT/CN2014/077596, dated Oct. 31, 2014, 11 pgs.
International Search Report in international application No. PCT/CN2014/077596, dated Oct. 31, 2014, 2 pgs.
Supplementary European Search Report in European application No. 14879632.9, dated Nov. 14, 2016, 10 pgs.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190246283A1 (en) * 2016-10-25 2019-08-08 Shenzhen Jia Ren Xun Information Technology Co., Ltd. Method for preventing network locking information of terminal device from being cracked

Also Published As

Publication number Publication date
WO2015109692A1 (zh) 2015-07-30
EP3099090A4 (en) 2016-12-14
US20170013451A1 (en) 2017-01-12
EP3099090B1 (en) 2019-07-10
EP3099090A1 (en) 2016-11-30
CN104811926A (zh) 2015-07-29

Similar Documents

Publication Publication Date Title
US9992678B2 (en) Network locking or card locking method and device for a mobile terminal, terminal, SIM card, storage media
US11962616B2 (en) Protection against rerouting a communication channel of a telecommunication device having an NFC circuit and a secure data circuit
EP3528160B1 (en) Method, system and terminal for encrypting/decrypting application program on communication terminal
EP3677008B1 (en) Method and electronic device for providing communication service
EP2741548A2 (en) Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor
US9461995B2 (en) Terminal, network locking and network unlocking method for same, and storage medium
US8375454B2 (en) Method for locking an application program
JP2018500823A (ja) 装置鍵保護
WO2019109640A1 (zh) 一种锁定sim卡的方法及装置
CN106131021B (zh) 一种请求认证方法及系统
CN110266656A (zh) 免密认证身份识别方法、装置及计算机设备
CN107273150B (zh) 预加载固件下载写入方法及装置
CN104469736B (zh) 一种数据处理方法、服务器及终端
CN110691352B (zh) 一种sim卡访问控制方法、装置、介质和设备
CN110856170B (zh) 数据传输方法、装置及物联网通信系统
US9246910B2 (en) Determination of apparatus configuration and programming data
WO2013182112A1 (zh) 一种保护移动终端用户私密数据的方法和装置
CN107040501A (zh) 基于平台即服务的认证方法和装置
CN108600259B (zh) 设备的认证和绑定方法及计算机存储介质、服务器
US10616262B2 (en) Automated and personalized protection system for mobile applications
CN111093190B (zh) 写入关键数据的方法、装置、系统、电子设备及存储介质
Vahidian Evolution of the SIM to eSIM
CN108574657B (zh) 接入服务器的方法、装置、系统以及计算设备和服务器
CN111159652A (zh) 管控平台授权文件校验方法、装置、设备和存储介质
CN205864753U (zh) 一种终端设备的加密防护系统

Legal Events

Date Code Title Description
AS Assignment

Owner name: ZTE CORPORATION, CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MIAO, HAIXIANG;YANG, KE;LI, WEI;SIGNING DATES FROM 20160616 TO 20160621;REEL/FRAME:040414/0188

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4